Cross-Site Scripting Vulnerability in Solaris AnswerBook2 by Sun Microsystems
CVE-2005-0549

Currently unrated

Key Information:

Vendor: Oracle
Status: Solaris Answerbook2
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-0549?

A Cross-Site Scripting (XSS) vulnerability exists in the Solaris AnswerBook2 Documentation, specifically in version 1.4.4 and earlier. This flaw allows remote attackers to execute arbitrary web scripts or HTML code by exploiting the 'View Log Files' function. If successfully exploited, this vulnerability can potentially harm users by delivering malicious content, leading to unauthorized data access or other security breaches. It is essential for organizations using affected versions to apply patches and mitigate the risk associated with this vulnerability.

References

http://marc.info/?l=bugtraq&m=111205163531628&w=2

mailing-listx_refsource_BUGTRAQ

http://sunsolve.sun.com/search/document.do?assetkey=1-77-...

vendor-advisoryx_refsource_SUNALERT

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 25, 2005

Oracle

What is CVE-2005-0549?

References

Timeline